CVE-2022-45154 – supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh
https://notcve.org/view.php?id=CVE-2022-45154
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions. • https://bugzilla.suse.com/show_bug.cgi?id=1207598 • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2018-19636 – Local root exploit via inclusion of attacker controlled shell script
https://notcve.org/view.php?id=CVE-2018-19636
Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with root privileges Supportutils, en versiones anteriores a la 3.1-5.7.1, buscaba en el sistema de archivos por un binario ndspath al ejecutarse con una línea de comandos con el argumento -A. Si un atacante proporciona uno de dichos argumentos en una ubicación arbitraria, se ejecuta con privilegios root. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html https://bugzilla.suse.com/show_bug.cgi?id=1117751 • CWE-20: Improper Input Validation CWE-306: Missing Authentication for Critical Function •
CVE-2018-19639 – Code execution if run with command line switch -v
https://notcve.org/view.php?id=CVE-2018-19639
If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing (e.g. with CVE-2018-19638) he can execute arbitrary commands as root. Si supportutils, en versiones anteriores a la 3.1-5.7.1, se ejecuta con -v para realizar una verificación rpm y si el atacante consigue manipular la entrada rpm (p.ej., con CVE-2018-19638), éste puede ejecutar comandos arbitrarios como root. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html https://bugzilla.suse.com/show_bug.cgi?id=1118462 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2018-19640 – Code execution if run with command line switch -v
https://notcve.org/view.php?id=CVE-2018-19640
If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. with CVE-2018-19638) he can kill arbitrary processes on the local machine. Si el atacante logra crear archivos en el directorio utilizado para recolectar archivos de log en supportutils, en versiones anteriores a la 3.1-5.71, (p.ej., con CVE-2018-19638), éste puede finalizar procesos arbitrarios en la máquina local. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html https://bugzilla.suse.com/show_bug.cgi?id=1118463 • CWE-20: Improper Input Validation CWE-377: Insecure Temporary File •
CVE-2018-19638 – User can overwrite arbitrary log files in support tar
https://notcve.org/view.php?id=CVE-2018-19638
In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files. En Supportutils, en versiones anteriores a la 3.1-5.7.1, y si una batería de marcapasos está instalada en el sistema, un usuario sin privilegios podría haber sobrescrito archivos arbitrarios en el directorio utilizado por supportutils para recolectar los archivos de log. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html https://bugzilla.suse.com/show_bug.cgi?id=1118460 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •